Swift to reveal new security plan after recent slew of cyberheists

In efforts to rebuild its reputation Swift’s CEO Gottfried Leibbrandt is slated to announce the launch of a new five-point plan for improved securityReuters

Swift, the global financial communication service, has said that it intends to launch a new security programme, which will enable itself and its customers to better defend themselves against cyberattacks. The move comes after recent reports emerged of a slew of cyberheists, the most prominent of which is the Bangladesh Bank hack, which is currently being investigated by officials.

In efforts to rebuild its reputation, which was brought into question by officials of the Bangladesh bank after hackers stole $81m (£55m) using Swift to send fraudulent money transfer communications, Swift has already warned its customers to be more cautious when conducting business. It is now redoubling efforts by introducing tighter security measures.

Swift CEO Gottfried Leibbrandt is slated to attend a financial services conference in Brussels, during which he is expected to announce the launch of a new five-point plan later in the week. "I think it will prove to be a watershed event for the banking industry; there will be a before and an after Bangladesh," Mr Leibbrandt is expected to say, according to a draft of his speech obtained by the Financial Times. "Cyber risk has been the main thing to keep me awake at night."

Leibbrandt is also expected to highlight Swift's response to the cyberattacks while also committing to "drastically improve information sharing among the global financial community". He is also expected to promise to "harden security requirements for consumer-managed software to better protect their local environment" and "to introduce certification requirements for third party providers."

As part of Swift's five-point plan, which is likely to be revealed in the coming few days, the service also plans to provide the banking community with the ability to detect cyber fraud by encouraging them to use "payment pattern controls", which would help them identify suspicious activity. Swift also intends to chart out stricter guidelines, which can then be used by auditors and regulators to analyse the effectiveness of Swift's security protocols and system.

Despite having been censured by some in the banking community for not having been as active in improving security prior to the cyberattacks, Leibbrandt is expected to defend Swift's position regarding the attacks and attribute the primary cause of any breach at the users' doors.

Following the attack on the Bangladesh bank, reports of two other banks also having been targeted in a similar approach have emerged. A bank in Vietnam and the Ecuadorean bank Banco del Austro, both appear to have been targeted by cybercriminals. While the Vietnamese TP Bank claimed to have thwarted the attempted cyberheist, Banco del Austro reported around $9m stolen by hackers.

In each of the attacks, hackers appear to have used their knowledge of Swift's structure to manipulate victims into passing fraudulent transactions. However, in the upcoming event, Leibbrandt is slated to stress Swift's position on the attacks as well as the role it played.

"Swift, our network, software and our core messaging services have not been compromised," Mr Liebbrandt is likely to say, further adding: "Swift is not all-powerful, we are not a regulator, and we are not a policeman; success here depends on all the stakeholders in and around the industry."